Over 1.65 Million Computers Infected With Cryptocurrency Miners in 2017 So Far

Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints.

According to Kaspersky, detections for cryptocurrency mining trojans rose from a lowly 205,000 infections in 2013 to nearly 1.8 million in 2016, and 2017 looks like it will easily surpass that number.

Zcash and Monero miners on the rise

Of all virtual currencies, Zcash and Monero were the favorites, primarily because of their support for anonymous transactions, which comes in handy to anyone looking to hide a money trail from criminal operations.

While Monero is a long-time favorite of cryptocurrency mining trojans, Zcash is a recent addition, as the cryptocurrency launched only last November.

Nonetheless, one month later, several criminal mining operations had adopted the currency, with one group's earnings estimated at $75,000/year/~1,000 computers.

A review of past major operations

Since last year, the rise in cryptocurrency mining malware distribution was easily observable by the number of reports put out by cyber-security firms. Such reports often help infosec industry observers to gauge new trends.

Below is a list with the most important malware distribution campaigns that pushed cryptocurrency miners in 2017.

These are only some of the major campaigns, but there are countless of other smaller operations that went unreported.

If you're wondering why is this rise in cryptocurrency mining malware taking place, the answer is quite simple. During the past year, trading prices for virtual currencies have skyrocketed across the board, almost for all major cryptocurrencies. Bitcoin, Monero, Ethereum, Zcash, and others, have seen huge price spikes that have fueled market speculation and attracted both legitimate users and the criminal underground looking to make a quick buck.

Catalin Cimpanu is the Security News Editor for Bleeping Computer, where he covers topics such as malware, breaches, vulnerabilities, exploits, hacking news, the Dark Web, and a few more. Catalin previously covered Web & Security news for Softpedia between May 2015 and October 2016. The easiest way to reach Catalin is via his XMPP/Jabber address at campuscodi@xmpp.is. For other contact methods, please visit Catalin's author page.

To get the attention of those obsessed with Climate Change, maybe someone could put a Carbon Footprint number to these types of activities; and don't forget to add the heat directly pumped from those cranking GPUs. On second thought, they might be moved to make a crypto-currency donation, and just make it worse.